Article ID: 261203 - View products that this article applies to.
This article was previously published under Q261203
This article has been archived. It is offered "as is" and will no longer be updated.
A Windows 2000 client in a Windows 2000 domain may not be able to open any Active Directory snap-ins. When the client attempts to open a snap-in, the following error messages may be displayed:
This problem can occur if the domain controller is running Routing and Remote Access (RRAS) with Network Address Translation (NAT) configured, or if the client is running Internet Connection Sharing (ICS).
Active Directory Domains and Trusts: "The configuration information describing this enterprise is not available. Unspecified error."
Active Directory Sites and Services: "Naming information cannot be located because: Unspecified error. Contact your system administrator to verify that your domain is properly configured and is currently online."
Active Directory Users and Computers: "Naming information cannot be located because: Unspecified error. Contact your system administrator to verify that your domain is properly configured and is currently online."
Certification Authority: "The specified service does not exist as an installed service. 0x424 (1060)"
This behavior occurs because of the H.323/Lightweight Directory Access Protocol (LDAP) proxy service that is included with NAT and ICS. The proxy misinterprets the query and causes the TCP reset.
The H.323/LDAP proxy service allows NAT/ICS clients to participate in H.323 and Microsoft NetMeeting conference calls and register themselves with an Internet Locator Service (ILS) server using LDAP from behind the NAT/ICS router.
The root cause of these error messages is that the LDAP proxy that is incorporated into NAT has a hard-coded limit of 64 KB on the LDAP protocol data unit (PDU) size. When domain-related LDAP traffic (which is often 300 KB or more in size) exceeds this limit, the H.323/LDAP proxy resets the connection.
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/260910/EN-US/ )How to Obtain the Latest Windows 2000 Service Pack
To work around this issue if you are using RRAS and NAT, use either of the following methods:
Microsoft has confirmed that this is a problem in Microsoft Windows 2000.
This problem was first corrected in Windows 2000 Service Pack 1.
Contact us for more help